- From: <bugzilla@jessica.w3.org>
- Date: Tue, 22 Oct 2013 12:05:47 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=23593 Bug ID: 23593 Summary: New restriction for safe CDATA content in script elements: the string <script> needs to be escaped. Product: HTML WG Version: unspecified Hardware: PC OS: Windows NT Status: NEW Severity: normal Priority: P3 Component: HTML/XHTML Compatibility Authoring Guide (ed: Eliot Graff) Assignee: xn--mlform-iua@xn--mlform-iua.no Reporter: xn--mlform-iua@xn--mlform-iua.no QA Contact: public-html-bugzilla@w3.org CC: eliotgra@microsoft.com, mike@w3.org, public-html-admin@w3.org, public-html-wg-issue-tracking@w3.org, qbolec@gmail.com, robin@w3.org, xn--mlform-iua@xn--mlform-iua.no Depends on: 23587 See comment number 1 in Bug #23587. Polyglot Markup describes ”safe CDATA content”, which is a description of the content that can be safely inserted into a script or style element provided that it is wrapped inside a CDATA declaration. Simply put, that content has to match what the parser rules for the text/html serialization. However, Jakub Łopuszański’s bug, bug #23587, shows that we also need to say something about escaping the <script> start tag, if it occurs inside a comment inside the script element - see comment number 1 of Bug #23587. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Tuesday, 22 October 2013 12:05:50 UTC